<?php
// +----------------------------------------------------------------------
// | ThinkPHP [ WE CAN DO IT JUST THINK IT ]
// +----------------------------------------------------------------------
// | Copyright (c) 2009 http://thinkphp.cn All rights reserved.
// +----------------------------------------------------------------------
// | Licensed ( http://www.apache.org/licenses/LICENSE-2.0 )
// +----------------------------------------------------------------------
// | Author: liu21st <liu21st@gmail.com>
// +----------------------------------------------------------------------

class PublicAction extends Action {
	// 检查用户是否登录

	protected function checkUser() {
		if(!isset($_SESSION[C('USER_AUTH_KEY')])) {
			$this->assign('jumpUrl','Public/login');
			$this->error('没有登录');
		}
	}

	public function left() {
		$this->checkUser();
		if(isset($_SESSION[C('USER_AUTH_KEY')])) {
			//显示菜单项
			$menu  = array();
			//Log::write('menu--begin----');
		//	if(isset($_SESSION['menu'.$_SESSION[C('USER_AUTH_KEY')]])) {
	
				//如果已经缓存，直接读取缓存
		//		$menu   =   $_SESSION['menu'.$_SESSION[C('USER_AUTH_KEY')]];
		//	}else {
				//读取数据库模块列表生成菜单项
				$model	=	M("Group");//分组
				$glist	=	$model->where('status=1')->order('sort asc')->getField('id,title,name');
				//Log::write(json_encode($glist));
				foreach ($glist as $k=>$v){						
					$submenu  = array();
					$node    =   M("Node");
					$id	=	$node->getField("id");
					$where['level']=2;
					$where['status']=1;
					$where['pid']=$id;
					$where['group_id']=$k;
					$list	=	$node->where($where)->field('id,name,group_id,title,nodeicon')->order('sort asc')->select();
					if(isset( $_SESSION['_ACCESS_LIST']))$accessList = $_SESSION['_ACCESS_LIST'];
					foreach($list as $key=>$module) {
						if(isset($accessList[strtoupper(APP_NAME)][strtoupper($module['name'])]) ||isset($_SESSION['administrator'])) {
						//设置模块访问权限
							$module['access'] =   1;
							$module['groupname'] = $v['name'] ;
							$submenu[$key]  = $module;
						}
					}
					$menu[$v['title']]=$submenu;
			
				}
				//缓存菜单访问
				$_SESSION['menu'.$_SESSION[C('USER_AUTH_KEY')]]	=	$menu;
		//	}
			
		//Log::write(json_encode($menu));
			$this->assign('menu',$menu);
		}
		C('SHOW_RUN_TIME',false);			// 运行时间显示
		C('SHOW_PAGE_TRACE',false);
		//$this->display();
	}
	public function left1() {
		$this->checkUser();
		if(isset($_SESSION[C('USER_AUTH_KEY')])) {
			//显示菜单项
			$menu  = array();
			//	if(isset($_SESSION['menu'.$_SESSION[C('USER_AUTH_KEY')]])) {
	
			//如果已经缓存，直接读取缓存
			//		$menu   =   $_SESSION['menu'.$_SESSION[C('USER_AUTH_KEY')]];
			//	}else {
			//读取数据库模块列表生成菜单项
			$model	=	M("Group");//分组
			$glist	=	$model->where('status=1')->order('sort asc')->getField('id,title');
			foreach ($glist as $k=>$gtitle){
				$submenu  = array();
				$node    =   M("Node");
				$id	=	$node->getField("id");
				$where['level']=2;
				$where['status']=1;
				$where['pid']=$id;
				$where['group_id']=$k;
				$list	=	$node->where($where)->field('id,name,group_id,title,nodeicon')->order('sort asc')->select();
				$accessList = $_SESSION['_ACCESS_LIST'];
				foreach($list as $key=>$module) {
					if(isset($accessList[strtoupper(APP_NAME)][strtoupper($module['name'])]) ||isset($_SESSION['administrator'])) {
						//设置模块访问权限
						$module['access'] =   1;
						$submenu[$key]  = $module;
					}
				}
				$menu[$gtitle]=$submenu;
					
			}
			//缓存菜单访问
			$_SESSION['menu'.$_SESSION[C('USER_AUTH_KEY')]]	=	$menu;
			//	}
			if(!empty($_GET['tag'])){
				$this->assign('menuTag',$_GET['tag']);
			}
				
			//dump($menu);
			Log::write(json_encode($menu));
			$this->assign('menu',$menu);
		}
		C('SHOW_RUN_TIME',false);			// 运行时间显示
		C('SHOW_PAGE_TRACE',false);
		//$this->display();
	}
    // 后台首页 查看系统信息
    public function main() {
     
        $this->display();
    }

    // 后台首页 查看系统信息
    public function getsysinfor() {
    	$info = array(
    			array('name'=>'操作系统','infor'=>PHP_OS),
    			array('name'=>'运行环境','infor'=>$_SERVER["SERVER_SOFTWARE"]),
    			array('name'=>'PHP运行方式','infor'=>php_sapi_name()),
    			array('name'=>'ThinkPHP版本','infor'=>THINK_VERSION.' [ <a href="http://thinkphp.cn" target="_blank">查看最新版本</a> ]'),
    			array('name'=>'上传附件限制','infor'=>ini_get('upload_max_filesize')),
    			array('name'=>'执行时间限制','infor'=>ini_get('max_execution_time').'秒'),
    			array('name'=>'服务器时间','infor'=>date("Y年n月j日 H:i:s")),
    			array('name'=>'北京时间','infor'=>gmdate("Y年n月j日 H:i:s",time()+8*3600)),
    			array('name'=>'服务器域名/IP','infor'=>$_SERVER['SERVER_NAME'].' [ '.gethostbyname($_SERVER['SERVER_NAME']).' ]'),
    			array('name'=>'剩余空间','infor'=>round((@disk_free_space(".")/(1024*1024)),2).'M'),
    			array('name'=>'register_globals','infor'=>get_cfg_var("register_globals")=="1" ? "ON" : "OFF"),
    			array('name'=>'magic_quotes_gpc','infor'=>(1===get_magic_quotes_gpc())?'YES':'NO'),
    			array('name'=>'magic_quotes_runtime','infor'=>(1===get_magic_quotes_runtime())?'YES':'NO')
    	);
    	$result=array('Rows'=>$info,'Total'=>13);
    	echo json_encode($result);
    }
    
	// 用户登录页面
	public function login() {
		if(!isset($_SESSION[C('USER_AUTH_KEY')])) {
			$this->display();
		}else{
			$this->redirect('Index/index');
		}
	}

	public function index()
	{
		//如果通过认证跳转到首页
		redirect(__APP__);
	}

	// 用户登出
    public function logout()
    {
        if(isset($_SESSION[C('USER_AUTH_KEY')])) {
			unset($_SESSION[C('USER_AUTH_KEY')]);
			unset($_SESSION);
			session_destroy();
           // $this->assign("jumpUrl","__URL__".'/login/');
            $this->success('登出成功！');
        }else {
            $this->error('已经登出！');
        }
    }

	// 登录检测
	public function checkLogin() {
		if(empty($_POST['account'])) {
			$this->error('帐号为空！');
		}elseif (empty($_POST['password'])){
			$this->error('密码必须！');
		}
		/*elseif (empty($_POST['verify'])){
			$this->error('验证码必须！');
		}*/
        //生成认证条件
        $map            =   array();
		// 支持使用绑定帐号登录
		$map['account']	= $_POST['account'];
        $map["status"]	=	array('gt',0);
		/*
		 
		 if($_SESSION['verify'] != md5($_POST['verify'])) {
			$this->error('验证码错误！');
		}*/
		import ( '@.ORG.Util.RBAC' );
        $authInfo = RBAC::authenticate($map);
        //使用用户名、密码和状态的方式进行认证
        if(!isset($authInfo)) {
        //	if(false === $authInfo) {
            $this->error('帐号不存在！');
        }else {
            if($authInfo['password'] != md5($_POST['password'])) {
            	$this->error('密码错误！');
            }
            $_SESSION[C('USER_AUTH_KEY')]	=	$authInfo['id'];
            $_SESSION['email']	=	$authInfo['email'];
            $_SESSION['loginUserName']		=	$authInfo['nickname'];
            $_SESSION['lastLoginTime']		=	toDate($authInfo['last_login_time']);
			$_SESSION['login_count']	=	$authInfo['login_count'];
			$_SESSION['adminid'] = $_SESSION['userid'] = $authInfo['id'];
			//$_SESSION['groupid'] = $authInfo['groupid'];
            if($authInfo['account']=='admin') {
            	$_SESSION['administrator']=true;
            	$_SESSION['usergroup']='超级管理员';
            }
            //保存登录信息
			$User	=	M('User');
			$ip		=	get_client_ip();
			$time	=	time();
            $data = array();
			$data['id']	=	$authInfo['id'];
			$data['last_login_time']	=	$time;
			$data['login_count']	=	array('exp','login_count+1');
			$data['last_login_ip']	=	$ip;
			$User->save($data);

			// 缓存访问权限
            RBAC::saveAccessList();
          //  Log::write('session:'.json_encode($_SESSION));
			$this->success('登录成功！');

		}
	}
    // 更换密码
    public function changePwd()
    {
		$this->checkUser();
        //对表单提交处理进行处理或者增加非表单数据
		if(md5($_POST['verify'])	!= $_SESSION['verify']) {
			$this->error('验证码错误！');
		}
		$map	=	array();
        $map['password']= pwdHash($_POST['oldpassword']);
        if(isset($_POST['account'])) {
            $map['account']	 =	 $_POST['account'];
        }elseif(isset($_SESSION[C('USER_AUTH_KEY')])) {
            $map['id']		=	$_SESSION[C('USER_AUTH_KEY')];
        }
        //检查用户
        $User    =   M("User");
        if(!$User->where($map)->field('id')->find()) {
            $this->error('旧密码不符或者用户名错误！');
        }else {
			$User->password	=	pwdHash($_POST['password']);
			$User->save();
			$this->success('密码修改成功！');
         }
    }

	 public function verify()
    {
		$type	 =	 isset($_GET['type'])?$_GET['type']:'gif';
        import("@.ORG.Util.Image");
        Image::buildImageVerify(4,1,$type);
    }
    
    public function profile() {
    	$this->checkUser();
    	$User	 =	 M("User");
    	$vo	=	$User->getById($_SESSION[C('USER_AUTH_KEY')]);
    	$this->assign('vo',$vo);
    	$this->display();
    }
// 修改资料
	public function change() {
		$this->checkUser();
		$User	 =	 D("User");
		
		if(!$User->create()) {
			$this->error($User->getError());
		}
		$result	=	$User->save();
		if(false !== $result) {
			$this->success('资料修改成功！');
		}else{
			$this->error('资料修改失败!');
		}
	}
	public function getMyFavorite()
	{
		$this->checkUser();
		$Model = new Model(); // 实例化一个model对象 没有对应任何数据表
		$result=$Model->query("select b.name,b.title,b.nodeicon from ".C('DB_PREFIX')."favorite a,".C('DB_PREFIX')."node b where a.node_id=b.id and a.user_id=".$_SESSION[C('USER_AUTH_KEY')]." order by a.sort asc");
		echo json_encode($result);
	}
}
?>